Systems and methods for providing electronic archiving

ABSTRACT

Systems and methods are disclosed for providing secure electronic archiving of customer ( 120 ) data over a network ( 110 ). Electronic postmarks are used to track archival of the data, access request for the archived ( 101 ) data, and fulfillment of the access requests.

CROSS REFERENCE TO RELATED APPLICATION

This application claims priority from U.S. Provisional Application Ser.No. 60/231,337, filed Sep. 8, 2000, by Leo J. Campbell and titledSYSTEMS AND METHODS FOR PROVIDING ELECTRONIC ARCHIVING, the disclosureof which is expressly incorporated herein by reference.

DESCRIPTION OF THE INVENTION

1. Field of the Invention

This invention relates to providing secure electronic archiving ofcustomer data over a network. In addition, this invention relates toprocessing requests for the access of the electronic information to acustomer or a third party specified by the customer.

2. Background of the Invention

Current electronic archive systems provide for the long-term storage ofelectronic files. Typically such systems require specialized softwareand/or are incorporated in document management software packages, suchas DocuXplorer by Archive Power Systems, Inc. One known system forproviding archival and retrieval of electronic messages, such as emailsand their attachments, is ZANTAZ, by Zantaz, Inc. What is needed is asecure archive system for archival and retrieval of customer data filesby incorporating secure customer identification through the use ofdigital certificates, and by utilizing electronic postmarks (“EPMs”) tostore customer data and to facilitate tracking of customer data. What isalso needed is a secure archive system that is independent of customerhardware and software platforms.

SUMMARY OF THE INVENTION

The present invention provides an archive system that customers mayaccess through a browser over a network using secure communicationtransmissions, and using electronic postmarks (“EPMs”) to facilitatetracking of customer data. An EPM is a time-stamped andcryptographically sealed digital hash that accompanies an electronicmessage, to detect modification of the latter. The EPM for a message mayinclude a time and date stamp indicating when the EPM was generated. Thecontents of an EPM are digitally “sealed” by the addition of a digitalsignature. An exemplary EPM is described in U.S. Ser. No. 09/675,677,filed Sep. 29, 2000, by Leo J. Campbell et al. and titled “Systems andMethods for Authenticating an Electronic Message,” the disclosure ofwhich is expressly incorporated herein by reference to its entirety. Inaddition, an embodiment of the invention provides an archive system thatis independent of customer hardware and software platforms.

More specifically, and in accordance with an embodiment of theinvention, systems and methods are disclosed for providing customeraccessible archiving of electronic files. Such systems and methodsprovide for establishing an account for a customer; receiving from thecustomer a storage request for archiving, wherein the storage requestincludes the electronic file and customer identification information;creating a storage EPM corresponding to the storage request; and storingthe electronic file together with the storage EPM.

In accordance with another embodiment of the invention, systems andmethods are disclosed for providing a customer access to the electronicfiles in an archive, wherein the electronic file is stored with astorage EPM. Such systems and methods receive an access request from thecustomer for the electronic file, wherein the access request includesthe customer identification information and information identifying theelectronic file in the archive; verify that the customer may access theelectronic file based on the customer identification information and theinformation identifying the electronic file in the archive; retrieve thestored electronic file from the archive; and provide the retrievedelectronic file to the customer.

In accordance with yet another embodiment of the invention, systems andmethods are disclosed for providing access to an electronic file in anarchive to a third party, wherein the electronic file is stored with astorage EPM. Such systems and methods provide for receiving from acustomer a link request to permit access of the electronic file by thethird party, wherein the link request includes information identifyingthe electronic file in the archive, customer identification informationincluding the customer's digital certificate, and the third party'sdigital certificate; authenticating the customer based on the customeridentification information; linking the customer's digital certificateto the third party's digital certificate, when the customer has beenauthenticated; receiving an access request from the third party, whereinthe access request includes identification information about the thirdparty and the information identifying the electronic file in thearchive; verifying that the third party may access the electronic filebased on identification information about the third party; retrievingthe electronic file from the archive; and providing the retrievedelectronic file to the third party.

It is to be understood that both the foregoing general description andthe following detailed description are exemplary and explanatory onlyand are not restrictive of the invention, as claimed.

The accompanying drawings, which are incorporated in and constitute apart of this specification, illustrate embodiments of the invention andtogether with the description, serve to explain the principles of theinvention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram of a networked system including an archivesystem consistent with the present invention.

FIG. 2 is an expanded block diagram of archive system of FIG. 1.

FIG. 3 is a flowchart showing a method for archiving electronic dataconsistent with the present invention.

FIG. 3A is a block diagram of a storage EPM consistent with the presentinvention.

FIG. 4 is a flowchart showing a method for retrieving archived data by acustomer consistent with the present invention.

FIG. 5 is a flowchart showing a method for retrieving archived data by athird party consistent with the present invention.

DESCRIPTION OF THE EMBODIMENTS

Reference will now be made in detail to the exemplary embodimentsconsistent with the invention, examples of which are illustrated in theaccompanying drawings. Wherever possible, the same reference numberswill be used throughout the drawings to refer to the same or like parts.

FIG. 1 is a block diagram of a networked system 100 for providingarchive services to customers. System 100 may include one or morearchive systems 101 connected to a plurality of customer systems 120through a network 110. Network 110 may include, for example, a LocalArea Network (LAN), a Wide Area Network (WAN), a wireless network, theInternet, an intranet, and/or any other network or communication mediumknown to one of ordinary skill in the relevant art. Communicationsbetween archive system 101 and customer systems 120 may take place overnetwork 110 through a secure sockets layer (“SSL”) protocol or secureHyperText Transfer Protocol (“S-HTTP”).

FIG. 2 is a block diagram of an archive system 101 consistent with thepresent invention. Archive system 101 may include a processor 200, whichconnects over bus 210 to a memory 220, a secondary storage 230, anetwork interface component 240, an input/output interface component250, an archive database 260, and an authorization database 270. Memory220 may include an archive administrator component 275 and an operatingsystem 280. Alternatively archive database 260 and authorizationdatabase 270 may be combined into a single database.

Operation of archive system 101 is generally controlled and coordinatedby operating system 280. Operating system 280 controls allocation ofsystem resources and performs tasks, such as memory management, processscheduling, networking, and services, among other things.

Secondary storage 230 may include a computer-readable medium, such as ahard disk drive and a compact disc (“CD”) drive or a read/write CDdrive. From the CD drive or the read/write CD drive, software and datamay be loaded onto the disk drive, which may then be copied into memory220. Similarly, software and data in memory 220 may be copied onto thehard disk drive, which may then be loaded onto a read/write CD drive.

Network interface component 240 may include hardware and software forsending and receiving data over network 110 (see FIG. 1). Archive system101 may communicate with one or more customer systems 120 over network110 through network interface component 240.

Input/Output interface component 250 may include one or more of, akeyboard, a pointing device, a voice recognition device, a keypad,display unit, or a printing device. Archive database 260 may include oneor more databases and/or data files for the storage of data relating tocustomers 120. Authorization database 270 may include one or moredatabases and/or data files for storing information about customerarchival transactions.

FIG. 3 is a flowchart showing a method for archiving electronic data.The electronic data may include, for example, an electronic file. Asshown in FIG. 3, a customer 120 may use a browser, such as the MicrosoftInternet Explorer or a SUPER Browser, to access a web page on an archivesystem 101 to establish an account with an archive administrator overnetwork 110 (stage 310). An exemplary SUPER Browser is described in U.S.Ser. No. 60/294,001, filed May 30, 2001, by Leo J. Campbell and titled“Secure Universal Postal Encrypted Resource (SUPER) Browser,” the entiredisclosure of which is expressly incorporated herein by reference. Anarchive administrator may include, for example, the United States PostalService (“USPS”).

With reference to FIGS. 1 and 2, archive administrator component 275 mayreceive identification information from customer 120, for example, ausername, password, company, email address, physical address, etc.Archive administrator component 275 determines based on theidentification information, whether customer 120 has a digitalcertificate of authority (“digital certificate”). If customer 120 doesnot have a digital certificate, archive administrator component 275generates a digital certificate for customer 120 and sends it tocustomer 120 over network 110. Archive administrator component 275 maystore identification information including information about digitalcertificates for customers 120 in an access authorization database 270.The identification information may be used to link access authorizationdatabase 270 with archive database 260. Archive administrator component275 may be implemented in any computer programming language or softwaretool, such as C++, C, Java, Hypertext Markup Language (“HTML”), VisualBasic, etc.

A digital certificate may be used to uniquely identify a customer and toprovide authorization to a customer for access of electronicinformation, such as an archived electronic file. An exemplary digitalcertificate of authority is described in U.S. Ser. No. 09/809,325, filedMar. 16, 2001, by Leo J. Campbell et al. and titled “Methods and Systemsfor Proofing Identities Using a Certificate Authority,” the entiredisclosure of which is expressly incorporated herein by reference. Forexample, the USPS provides a public key infrastructure, which includes,among other things, the generation of digital certificates.

Returning to FIG. 3, once a customer 120 has an account, the customermay submit to archive system 101 over network 110, a storage request forarchiving data (stage 320). The storage request includes an electronicfile that may include a record, data, a database, a compressed file, amusic file, etc. In addition, the storage request includes customeridentification information, such as a digital certificate and optionallya name and password. Archive administrator component 275 creates astorage request EPM and applies it to the storage request by generatinga storage request record for the transaction in transaction log 265 inarchive database 260 (stage 330). The storage request EPM may be used totrack the archival of the electronic file. A storage request EPM mayinclude the time and date of the request, and customer identificationinformation, allowing archive system 101 to keep track of storagerequest transactions. Thereafter, archive administrator component 275creates a storage EPM 370 based on the electronic file.

As shown in FIG. 3A, archive administrator component 275 creates thestorage EPM 370 by generating a hash file 374 from the electronic file372, and storing the hash file 374 in storage EPM 370 (stage 340).Archive administrator component 275 may generate hash file 374 usingknown hashing techniques, such as a Secure Hash Algorithm (“SHA-1), atechnique based on an algorithm provided by Rivest, Shamir, and Adelman(“RSA”), and a Message Digest algorithm (“MD5”). Archive administratorcomponent 275 also stores in storage EPM 370 a time and date stamp 375to indicate the time and date of the storage of the electronic file. Inaddition, archive administrator component 275 may store in storage EPM370 a digital signature 376 having a digital key 377 for digitallysecuring the storage EPM 370. Further, archive administrator component275 may store customer identification information in storage EPM 370.

Thereafter, as shown in FIG. 3, archive administrator component 275stores the storage EPM 370 in archive database 260 (stage 350). Archivedatabase 260 may include tables for storing storage EPMs, logs for EPMtransactions, and archive administrator system files. At this point,archive administrator component 275 may bill customer 120 for storage ofthe electronic file (stage 360). The electronic file may remain instorage for a length of time that is determined by customer 120.

FIG. 4 is a flowchart showing a method for retrieving archived data by acustomer. As shown in FIG. 4, a customer 120 may submit to archivesystem 101 over network 110 an access request for an archived electronicfile (stage 410). The access request includes information identifyingthe archived electronic file and customer identification information,such as a digital certificate and optionally a name and password. Theinformation identifying the archived electronic file may include, forexample, a filename for the electronic file. Archive administratorcomponent 275 creates an access request EPM based on the customeridentification information, and applies it to the access request bygenerating a record for the transaction in transaction log 265 inarchive database 260 (stage 420). The access request EPM may be used totrack access requests for the archived electronic file and may includethe time and date of the access request, and customer identificationinformation.

Archive administrator component 275 then verifies whether customer 120is allowed to access the archived electronic file, using information inauthorization database 270, customer identification information, andinformation identifying the archived electronic file (stage 430). Ifcustomer 120 is not allowed access to the archived electronic file(“No”), archive administrator component 275 may send an appropriatemessage to customer 120 and terminates the transaction (stage 490).Otherwise (“Yes”), archive administrator component 275 retrieves a copyof the archived electronic file from archive database 260 (stage 440).More specifically, archive administrator component 275 retrieves thestorage EPM 370 from archive database 260 based on the customeridentification information and the information identifying the archivedelectronic file. Next, archive administrator component 275 retrieves thearchived electronic file from the hash of data 374 in the storage EPM370.

In addition, archive administrator component 275 creates an access EPMand applies it to the archived electronic file by generating a recordfor the transaction in a transaction log 265 in the archive database 260(stage 450). An access EPM includes the time and date on which theaccess request was processed by the archive system 101.

Thereafter, archive administrator component 275 provides customer 120access to the electronic file by sending the copy of the electronic fileto customer 120 over network 110 (stage 460). Alternatively, archiveadministrator component 275 may send the electronic file to a fileserver, and send the location of the electronic file at the file serverto customer 120. In addition, archive administrator component 275 maybill customer 120 for access of the archived electronic file (stage470). Customer 120 may make changes to the electronic file, and mayrequest the revised electronic file be archived by archive system 101.

FIG. 5 is a flowchart showing a method for retrieving archived data by athird party. Sometime during the life of the storage of the electronicfile, a third party may wish to access customer 120 information inarchive system 101. A customer 120 may share with a third party thecustomer's access privileges for one or more electronic files throughthe use of digital certificates. An authorized third party's digitalcertificate may be linked to the customer's digital certificate, therebygiving the third party access into the electronic archive system 101 forone or more archived electronic files specified by customer 120.

As shown in FIG. 5, a customer 120 may submit to the archive system 101over network 110 a link request to permit a third party to access anarchived electronic file to which customer 120 has access (stage 510).The link request may include information identifying the archivedelectronic file, customer identification information, such as a digitalcertificate and optionally a name and password, and a third party'sdigital certificate. The information identifying the archived electronicfile may include, for example, a filename for the electronic file.Archive administrator component 275 creates a link request EPM andapplies it to the link request by generating a record for thetransaction in transaction log 265 in archive database 260 (stage 515).A link request EPM may include the time and date of the link request,the information identifying the archived electronic file, the customeridentification information, and information about the third party'sdigital certificate.

Archive administrator component 275 verifies that customer 120 isallowed to access the archived electronic file, using information inauthorization database 270 and the customer identification information(stage 517). If customer 120 is not allowed access to the archivedelectronic file (“No”), archive administrator component 275 sends anappropriate message to customer 120 and terminates the transaction(stage 590). Otherwise (“Yes”), archive administrator component 275links the customer's digital certificate to the third party's digitalcertificate for access to the archived electronic file (stage 520). Inaddition, archive administrator component 275 creates a link EPM andapplies it to the archived electronic file by generating a record forthe transaction in transaction log 265 in archive database 260. A linkEPM may include the time and date on which the customer's digitalcertificate was electronically linked to the third party's digitalcertificate, information about the third party's digital certificate,and an index link to the storage EPM that includes the electronic file.

Thereafter, the third party may submit to the archive system 101 overnetwork 110 an access request for the archived electronic file, theaccess request including information identifying the archived electronicfile, and identification information about the third party, such as thethird party's digital certificate and optionally a name and password(stage 525). The information identifying the archived electronic filemay include, for example, a filename for the electronic file. Archiveadministrator component 275 creates an access request EPM and applies itto the access request by generating a record for the transaction intransaction log 265 in archive database 260 (stage 530). The accessrequest EPM may be used to track access requests for the archivedelectronic file. An access request EPM may include the time and date ofthe access request and identification information about the third party,allowing archive system 101 to keep track of access requesttransactions.

Archive administrator component 275 verifies that the third party isallowed to access the archived electronic file (stage 535). Archiveadministrator component 275 may determine whether the third party isallowed access to the archived electronic file based on information inthe authorization database 270 and the identification information aboutthe third party (stage 540). If the third party is not allowed access tothe electronic file (“No”), archive administrator component 275 sends anappropriate message to the third party and terminates the transaction(stage 590). Otherwise (“Yes”), archive administrator component 275retrieves a copy of the archived electronic file from archive database260 (stage 550). More specifically, archive administrator component 275retrieves the storage EPM 370 from archive database 260 based on thethird party identification information and the information identifyingthe archived electronic file. Next, archive administrator component 275retrieves the archived electronic file from the hash of data 374 in thestorage EPM 370.

In addition, archive administrator component 275 creates an access EPMand applies it to the archived electronic file by generating a recordfor the transaction in transaction log 265 in archive database 260(stage 560). An access EPM includes the time and date on which theaccess request was processed by the archive system 101, allowing archivesystem 101 to keep track of information about the access of the archivedelectronic file.

Thereafter, archive administrator component 275 allows the third partyto access the electronic file by sending the copy of the electronic fileto the third party over network 110 (stage 570). Alternatively, archiveadministrator component 275 may send the electronic file to a fileserver, and send the location of the electronic file at the file serverto the third party. In addition, archive administrator component 275 maybill customer 120 for access of the electronic file (stage 580). Thethird party may make changes to the electronic file, and customer 120may request the revised electronic file be archived by archive system101.

Other embodiments of the invention will be apparent to those skilled inthe art from consideration of the specification and practice of theinvention disclosed herein. It is intended that the specification andexamples be considered as exemplary only, with a true scope and spiritof the invention being indicated by the following claims.

1. A method for providing secure archiving of an electronic file,comprising: establishing an account for a customer; receiving from thecustomer a storage request for archiving, wherein the storage requestincludes the electronic file and customer identification information;creating a storage electronic postmark corresponding to the storagerequest, wherein the storage electronic postmark includes the electronicfile; and storing the electronic file together with the storageelectronic postmark in a database.
 2. The method of claim 1, wherein thestorage electronic postmark includes the customer identificationinformation.
 3. The method of claim 2, wherein the customeridentification information includes a digital certificate.
 4. The methodof claim 3, wherein the customer identification information furtherincludes a name and password.
 5. The method of claim 1, furthercomprising: creating a storage request electronic postmark correspondingto the storage request, wherein the storage request electronic postmarkincludes the customer identification information; and storing thestorage request electronic postmark in the database.
 6. A system forproviding secure archiving of an electronic file, comprising: means forestablishing an account for a customer; means for receiving from thecustomer a storage request for archiving, wherein the storage requestincludes the electronic file and customer identification information;means for creating a storage electronic postmark corresponding to thestorage request, wherein the storage electronic postmark includes theelectronic file; and means for storing the electronic file together withthe storage electronic postmark in a database.
 7. The system of claim 6,further comprising: means for creating a storage request electronicpostmark corresponding to the storage request, wherein the storagerequest electronic postmark includes the customer identificationinformation; and means for storing the storage request electronicpostmark in the database.
 8. A system for providing secure archiving ofan electronic file, comprising: a component for establishing an accountfor a customer; a component for receiving from the customer a storagerequest for archiving, wherein the storage request includes theelectronic file and customer identification information; a component forcreating a storage electronic postmark corresponding to the storagerequest, wherein the storage electronic postmark includes the electronicfile; and a component for storing the electronic file together with thestorage electronic postmark in a database.
 9. The system of claim 8,further comprising: a component for creating a storage requestelectronic postmark corresponding to the storage request, wherein thestorage request electronic postmark includes the customer identificationinformation; and a component for storing the storage request electronicpostmark in the database.
 10. A method for providing access to a securedelectronic file to a customer, the method comprising: providing adatabase wherein the electronic file and customer identificationinformation are stored with a storage electronic postmark; receiving anaccess request from the customer for the electronic file, wherein theaccess request includes the customer identification information andinformation identifying the electronic file in the database; verifyingthat the customer is allowed to access the electronic file based on thecustomer identification information and the information identifying theelectronic file in the database; retrieving the stored electronic filefrom the database; and providing the retrieved electronic file to thecustomer.
 11. The method of claim 10, wherein the customeridentification information includes a digital certificate.
 12. Themethod of claim 11, wherein the customer identification informationfurther includes a name and password.
 13. The method of claim 10,further comprising: creating an access request electronic postmarkcorresponding to the access request, wherein the access requestelectronic postmark includes the customer identification information;and storing the access request electronic postmark in the database. 14.The method of claim 10, further comprising: creating an accesselectronic postmark; and storing the access electronic postmark in thedatabase.
 15. The method of claim 10, wherein the informationidentifying the electronic file in the database includes a filename. 16.The method of claim 10, wherein the step of retrieving the storedelectronic file from the database comprises: extracting the storedelectronic file from the storage electronic postmark.
 17. A system forproviding access to a secured electronic file to a customer, the systemcomprising: means for providing a database wherein the electronic fileand customer identification information are stored with a storageelectronic postmark; means for receiving an access request from thecustomer for the electronic file, wherein the access request includesthe customer identification information and information identifying theelectronic file in the database; means for verifying that the customermay access the electronic file based on the customer identificationinformation and the information identifying the electronic file in thedatabase; means for retrieving the stored electronic file from thedatabase; and means for providing the retrieved electronic file to thecustomer.
 18. The system of claim 17, further comprising: means forcreating an access request electronic postmark corresponding to theaccess request, wherein the access request electronic postmark includesthe customer identification information; and means for storing theaccess request electronic postmark in the database.
 19. The system ofclaim 17, further comprising: means for creating an access electronicpostmark; and means for storing the access electronic postmark in thedatabase.
 20. The system of claim 17, wherein the means for retrievingthe stored electronic file from the database comprises: means forextracting the stored electronic file from the storage electronicpostmark.
 21. A system for providing access to a secured electronic fileto a customer, the system comprising: a component for providing adatabase wherein the electronic file and customer identificationinformation are stored with a storage electronic postmark; a componentfor receiving an access request from the customer for the electronicfile, wherein the access request includes the customer identificationinformation and information identifying the electronic file in thedatabase; a component for verifying that the customer may access theelectronic file based on the customer identification information and theinformation identifying the electronic file in the database; a componentfor retrieving the stored electronic file from the database; and acomponent for providing the retrieved electronic file to the customer.22. The system of claim 21, further comprising: a component for creatingan access request electronic postmark corresponding to the accessrequest, wherein the access request electronic postmark includes thecustomer identification information; and a component for storing theaccess request electronic postmark in the database.
 23. The system ofclaim 21, further comprising: a component for creating an accesselectronic postmark; and a component for storing the access electronicpostmark in the database.
 24. The system of claim 21, wherein thecomponent for retrieving the stored electronic file from the databasecomprises: a component for extracting the stored electronic file fromthe storage electronic postmark.
 25. A method for providing access to asecured electronic file to a third party, the method comprising:providing a database wherein the electronic file and customeridentification information are stored with a storage electronicpostmark; receiving from a customer a link request to permit access ofthe electronic file by the third party, wherein the link requestincludes information identifying the electronic file in the database,the customer identification information including the customer's digitalcertificate, and the third party's digital certificate; authenticatingthe customer based on the customer identification information; linkingthe customer's digital certificate to the third party's digitalcertificate, when the customer has been authenticated; receiving anaccess request from the third party, wherein the access request includesidentification information about the third party and the informationidentifying the electronic file in the database; verifying that thethird party may access the electronic file based on identificationinformation about the third party; retrieving the electronic file fromthe database; and providing the retrieved electronic file to the thirdparty.
 26. The method of claim 25, wherein the customer identificationinformation further includes a name and password.
 27. The method ofclaim 25, wherein the identification information about the third partyincludes the third party's digital certificate.
 28. The method of claim27, wherein the identification information about the third party furtherincludes a name and password.
 29. The method of claim 25, furthercomprising: creating a link request electronic postmark corresponding tothe link request; and storing the link request electronic postmark inthe database.
 30. The method of claim 25, further comprising: creatingan access request electronic postmark corresponding to the accessrequest; and storing the access request electronic postmark in thedatabase.
 31. The method of claim 25, further comprising: creating anaccess electronic postmark corresponding to the retrieval of theelectronic file; and storing the access electronic postmark in thedatabase.
 32. The method of claim 25, wherein the informationidentifying the electronic file in the database includes a filename. 33.The method of claim 25, wherein the step of retrieving the storedelectronic file from the database comprises: extracting the storedelectronic file from the storage electronic postmark.
 34. A system forproviding access to a secured electronic file to a third party, thesystem comprising: means for providing a database wherein the electronicfile and customer identification information are stored with a storageelectronic postmark; means for receiving from a customer a link requestto permit access of the electronic file by the third party, wherein thelink request includes information identifying the electronic file in thedatabase, the customer identification information including thecustomer's digital certificate, and the third party's digitalcertificate; means for authenticating the customer based on the customeridentification information; means for linking the customer's digitalcertificate to the third party's digital certificate, when the customerhas been authenticated; means for receiving an access request from thethird party, wherein the access request includes identificationinformation about the third party and the information identifying theelectronic file in the database; means for verifying that the thirdparty may access the electronic file based on identification informationabout the third party; means for retrieving the electronic file from thedatabase; and means for providing the retrieved electronic file to thethird party.
 35. The system of claim 34, further comprising: means forcreating a link request electronic postmark corresponding to the linkrequest; and means for storing the link request electronic postmark inthe database.
 36. The system of claim 34, further comprising: means forcreating an access request electronic postmark corresponding to theaccess request; and means for storing the access request electronicpostmark in the database.
 37. The system of claim 34, furthercomprising: means for creating an access electronic postmarkcorresponding to the retrieval of the electronic file; and means forstoring the access electronic postmark in the database.
 38. The systemof claim 34, wherein the means for retrieving the stored electronic filefrom the database comprises: means for extracting the stored electronicfile from the storage electronic postmark.
 39. A system for providingaccess to a secured electronic file to a third party, the systemcomprising: a component for providing a database wherein the electronicfile and customer identification information are stored with a storageelectronic postmark; a component for receiving from a customer a linkrequest to permit access of the electronic file by the third party,wherein the link request includes information identifying the electronicfile in the database, the customer identification information includingthe customer's digital certificate, and the third party's digitalcertificate; a component for authenticating the customer based on thecustomer identification information; a component for linking thecustomer's digital certificate to the third party's digital certificate,when the customer has been authenticated; a component for receiving anaccess request from the third party, wherein the access request includesidentification information about the third party and the informationidentifying the electronic file in the database; a component forverifying that the third party may access the electronic file based onidentification information about the third party; a component forretrieving the electronic file from the database; and a component forproviding the retrieved electronic file to the third party.
 40. Thesystem of claim 39, further comprising: a component for creating a linkrequest electronic postmark corresponding to the link request; and acomponent for storing the link request electronic postmark in thedatabase.
 41. The system of claim 39, further comprising: a componentfor creating an access request electronic postmark corresponding to theaccess request; and a component for storing the access requestelectronic postmark in the database.
 42. The system of claim 39, furthercomprising: a component for creating an access electronic postmarkcorresponding to the retrieval of the electronic file; and a componentfor storing the access electronic postmark in the database.
 43. Thesystem of claim 39, wherein the component for retrieving the storedelectronic file from the database comprises: a component for extractingthe stored electronic file from the storage electronic postmark.
 44. Amethod for creating a customer accessible database, comprising: creatinga first table for storing electronic postmark transactions; storing theelectronic postmark transactions in the first table; creating a secondtable for storing an electronic file with a storage electronic postmarkand; storing the electronic file with the storage electronic postmark inthe second table.
 45. The method of claim 44, wherein the electronicpostmark transactions include at least one of storage request electronicpostmark, access request electronic postmark, access electronicpostmark, link request electronic postmark, link electronic postmark,and customer identification information.
 46. The method of claim 45,wherein the customer identification information includes a digitalcertificate.
 47. The method of claim 46, wherein the customeridentification information further includes a name and password.
 48. Asystem for creating a customer accessible database, comprising: meansfor creating a first table for storing electronic postmark transactions;means for storing the electronic postmark transactions in the firsttable; means for creating a second table for storing an electronic filewith a storage electronic postmark and; means for storing the electronicfile with the storage electronic postmark in the second table.
 49. Amethod for accessing a customer accessible database having at least oneof storage electronic postmark, storage request electronic postmark,access request electronic postmark, access electronic postmark, linkrequest electronic postmark, link electronic postmark, and customeridentification information, the system comprising: creating a recordincluding at least one of storage electronic postmark, storage requestelectronic postmark, access request electronic postmark, accesselectronic postmark, link request electronic postmark, and linkelectronic postmark; storing the record in the database; and retrievingthe record from the database.
 50. The method of claim 49, furthercomprising extracting an electronic file from the retrieved record thatincludes the storage electronic postmark.
 51. A system for accessing acustomer accessible database having at least one of storage electronicpostmark, storage request electronic postmark, access request electronicpostmark, access electronic postmark, link request electronic postmark,link electronic postmark, and customer identification information, thesystem comprising: means for creating a record including at least one ofstorage electronic postmark, storage request electronic postmark, accessrequest electronic postmark, access electronic postmark, link requestelectronic postmark, and link electronic postmark; means for storing therecord in the database; and means for retrieving the record from thedatabase.
 52. The system of claim 51, further comprising means forextracting an electronic file from the retrieved record that includesthe storage electronic postmark.